September 4, 2009
17:14
QT4 KickTweet - r31
Demo video of the first usable version of the new QT4 based KickTweet.
September 10, 2009
12:12
Author: jmhobbs 
September 22, 2009
11:50

This is a question about an authentication scheme.

Say I have a shared secret string S, and two computers, C1 and C2

  • Computer one (C1) sends a random string (R) to computer two (C2)
  • C2 hashes (say SHA256) the concatenation of S and R (SR)
  • C2 sends the hash of SR to C1, along with some instructions
  • C1 compares the received hash of SR with its own hash of SR and executes the instructions if they match
  • Wash, rinse, repeat with different values of R

Now, what I want to know is if someone intercepts a whole bunch of R values, and a whole bunch of SR hashes, can they use that as a "crib" to work out what S is, thus allowing them to forge instructions?

I'm already aware of the potential for a MITM attack here (attacker intercepts response, changes the instructions and forwards it on).

I honestly don't know what I'm dealing with here, I only have a bit of historical knowledge about encryption but that included the use of cribs to break them. I'm not a theorist, so anything you can definitively tell me about specific strong hashes would be great.

Alternate authentication schemes are also welcome, assuming the constraints of an existing shared secret string like in this example. Would I be better off just using S as a key for AES? If I do that, can I still use this in the encrypted message to prevent replay attacks?

Any and all advice welcome, I sort of deviated from my question at the end, so feel free to deviate in your answers!

Author: jmhobbs 
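
The exchange described in the post above, as an added example that is not part of the original post: the scheme as posted next to a variant that binds the instructions to the response with HMAC-SHA256 and accepts each R only once. The secret value, the `C1` class, the function names and the HMAC variant itself are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

S = b"constructed-shared-secret"  # constructed sample value, not from the post


def tag_as_posted(secret: bytes, r: bytes) -> bytes:
    """Scheme as described: SHA256(S || R). The instructions are not covered."""
    return hashlib.sha256(secret + r).digest()


def tag_bound(secret: bytes, r: bytes, instructions: bytes) -> bytes:
    """Variant (assumption): HMAC-SHA256 keyed with S over R and the instructions."""
    # The length prefix keeps the boundary between R and the instructions unambiguous.
    msg = len(r).to_bytes(2, "big") + r + instructions
    return hmac.new(secret, msg, hashlib.sha256).digest()


class C1:
    """Issues challenges and accepts each one at most once."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.pending = set()

    def challenge(self) -> bytes:
        r = secrets.token_bytes(16)
        self.pending.add(r)
        return r

    def _take(self, r: bytes) -> bool:
        # A challenge is consumed on first use, so a recorded response cannot be replayed.
        if r not in self.pending:
            return False
        self.pending.discard(r)
        return True

    def accept_posted(self, r: bytes, tag: bytes, instructions: bytes) -> bool:
        # The instructions play no part in the check: any instructions pass with a valid tag.
        return self._take(r) and hmac.compare_digest(tag, tag_as_posted(self.secret, r))

    def accept_bound(self, r: bytes, tag: bytes, instructions: bytes) -> bool:
        expected = tag_bound(self.secret, r, instructions)
        return self._take(r) and hmac.compare_digest(tag, expected)
```
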
14:45
I'm mostly just pondering, I have no desire to write code at that level of computer sciency-ness. I was just curious about the concept of "cribs" with hashes and authentication in general. Links to articles and papers are welcome too :-)
Author: jmhobbs 
September 24, 2009
14:47

You could try EasyHook, it looks to be useful. Can't patch "system wide" though, you would need something like a Proxy DLL for that.

http://www.codeplex.com/easyhook

Author: jmhobbs